I received mine two days ago as a separate email.

While many may argue the pros and cons to privacy policies, there are good reasons why the updated policies are re-distributed.

The list goes on and on, and encompasses much more than the seven reasons I quote below. If you stop and think about each of these reasons it is easy to see how minutia can enter the equation and require an updated policy. Especially number 6, laws are continuously being changed.

I've even seen makeovers sent within hours of the original all because a name was misspelled, a title given incorrectly or the document needed an extra paragraph.


So to summarize, here are the 7 reasons you need a privacy policy:

  1. If you have customers or employees, you need to safeguard personal information.
  2. Laws do not usually establish Privacy Practices. Privacy Policies create Privacy Practices.
  3. Privacy Policies are often required by law or regulation.
  4. Your business faces privacy challenges which nobody else faces.
  5. Cloud Computing, Social Media, Goods and Services, Employer, and other activities pose unique challenges to handling personal information.
  6. You must comply with specific regulations if you have customers or employees in specific states or the EU, or if your servers (or the servers of a subcontractor) reside in the EU.
  7. Your company has affirmative privacy obligations with respect to minors under 13 years old.

Source: 7 Reasons Why Your Company Needs a Privacy Policy - Security Catalyst